I am a bit confused by Amazons CloudFront pricing structure.
So I want to use CloudFront to serve assets from my S3 bucket, with a domain like assets.domain.com and I want to use secured urls like https://assets.domain.com.
So in CloudFront I have these two options: https://d.pr/i/RtNKQ9
I can use the "Default CloudFront Certificate", which results in something like abc.cloudfront.net. So when I go with this option can I create a CNAME record at my domain to point from assets.domain.com to abc.cloudfront.net and then create a Let's Encrypt certificate on my webhost for assets.domain.com? In order to use https://assets.domain.com?
I can use the option "Custom SSL Certificate (example.com)" where within the ACM I can create a SSL certificate for the domain assets.domain.com - but here I understand that this will be charged by Amazon by $600 / month?
I see that users tell that this is not true and this option is for free as well (SNI Option) - but how can I be sure here? Where is the option that results in $600 / month located in the CloudFront distribution settings then?
Quote from the AWS Website:
Dedicated IP custom SSL You pay $600 per month for each custom SSL certificate associated with one or more CloudFront distributions using the Dedicated IP version of custom SSL certificate support.
So where can I find this "Dedicated IP version", because I want to disable it ;-)
Thanks for your help!
